Thanks for that Dorian, very interesting.

I use to hack telephone networks for fun back in the early 80s but assumed they had been made far more secure by now, apparently not.

The issue it seems is the SS7 protocol which was developed in 1975 before the internet was around is still used extensively, this suggests it's time for an upgrade but that will be a massive, probably world wide, task.

The only positive aspect is that this is a sophisticated attack requiring considerable technical and system knowledge and would probably only be worth doing if you are sure there is going to be a bucket of cash at the other end.

The Optus attack finally made me get off my bottom and shift a large chunk of cash I had in an internet accessible account to an account which I have to go into a branch to access, inconvenient for sure but I'll only need to do so once a year or so and it *cannot* be hacked now. 

A few years past I did some consultancy work on the vulnerability to hacking of certain building management systems; over the past 20 years these system have been made internet capable because it was simple, sexy and a good selling point but no one gave the slightest bloody consideration to security. A 100 story building may well have a few thousand people in it and if you can control the major environmental, transport and safety systems of that building you can do a *lot* of damage and create massive cost. The proverbial kid in the back bedroom could probably hack into most of them.

We have created this massive on-line world without thinking it through beforehand and are now paying the price.